Detection Server Controller Service fails to start on Enforce
search cancel

Detection Server Controller Service fails to start on Enforce

book

Article ID: 275064

calendar_today

Updated On:

Products

Data Loss Prevention Core Package

Issue/Introduction

In some instances, if you have upgraded from 16.0 to 16.0.1, the Detection Server Controller Service fails to start if the 16.0 binaries are removed.

 

The same scenario may apply in Enforce server migrations to new OS/servers. In this situation the old installation directories of DLP are not migrated along with the new DLP version. Since the paths configured in the MonitorController.properties point to 16.0 directories, which existed on the old server and were reachable, but are not present on the new server, DLP 16.0.1 will not be able to locate the keystore and will fail to start as a consequence.

Environment

Release : 16.0.1

Cause

The Migrator did not update 2 entries in MonitorController.properties file that, instead, remained pointing to a keystore in the 16.0 directories.  In the SymantecDLPDetectionServerController log you will see the following:

 

WrapperSimpleApp Error: Caused by: java.io.FileNotFoundException: C:\ProgramData\Symantec\DataLossPrevention\EnforceServer\16.0.00000\keystore\enforce.default.jks (The system cannot find the file specified)

Resolution

Update the following file locations:

Filename:  MonitorController.properties

Path:  <drive letter>:\Program Files\Symantec\DataLossPrevention\EnforceServer\16.0.10000\Protect\config

 

Note:  The below values assume this is installed under the C drive.  Please use the correct drive letter for your environment.

Old Values:

# Enforce uds keystore location
uds.ssl.keystore.file.path = C:/ProgramData/Symantec/DataLossPrevention/EnforceServer/16.0.00000/keystore/enforce.default.jks

# Enforce uds truststore location
uds.ssl.truststore.file.path = C:/ProgramData/Symantec/DataLossPrevention/EnforceServer/16.0.00000/keystore/enforce.default.jks

 

Update to the correct folder locations.

 

# Enforce uds keystore location
uds.ssl.keystore.file.path = C:/ProgramData/Symantec/DataLossPrevention/EnforceServer/16.0.10000/keystore/enforce.default.jks

# Enforce uds truststore location
uds.ssl.truststore.file.path = C:/ProgramData/Symantec/DataLossPrevention/EnforceServer/16.0.10000/keystore/enforce.default.jks

 

Once updated, save the file and restart the Detection Server Controller Service. 

Additional Information

The issue is fixed in DLP 16.0 RU2 version.